93433dba050842d2750028cbb6f8cb5e23e74e5ca85a4d7dfff8f70bb9219cad

Sharing

Copy URL Twitter E-mail

General

Target

93433dba050842d2750028cbb6f8cb5e23e74e5ca85a4d7dfff8f70bb9219cad
Size

819KB
MD5

b8ba050d47175782a3fc614502fec28a
SHA1

98ed3691ccf4e32bb2910111cd0b6436f42d2fc3
SHA256

93433dba050842d2750028cbb6f8cb5e23e74e5ca85a4d7dfff8f70bb9219cad
SHA512

f2c19301a00957972f559187cf5ba141c27114a2e323ea66ac8500227e4b4b3ff1c6ef72e593f84bb29b3933615ae1a89f40738f0b38e83e843c0113fb088932
SSDEEP

24576:5JCudtLXm0BgCBbhzz5RzIQ1yuQfcBgY:5JCuW0GCBJ5R7guycBg

Score

N/A

Malware Config

Signatures

Files

93433dba050842d2750028cbb6f8cb5e23e74e5ca85a4d7dfff8f70bb9219cad
.exe windows x86

8cdddec362d8080c620c10462b208c6e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kerberos

SpUserModeInitialize
KerbCreateTokenFromTicket
SpInitialize
SpLsaModeInitialize
KerbDomainChangeCallback
KerbKdcCallBack
KerbMakeKdcCall
KerbIsInitialized
SpInstanceInit

cfgmgr32

CM_Get_Res_Des_Data
CM_Locate_DevNode_ExA
CM_Disable_DevNode_Ex
CM_Set_DevNode_Problem
CM_Get_DevNode_Registry_PropertyW
CM_Get_Res_Des_Data_Size_Ex
CMP_RegisterNotification
CM_Disconnect_Machine
CM_Get_Resource_Conflict_DetailsW
CM_Is_Dock_Station_Present_Ex
CM_Free_Log_Conf_Ex
CM_Get_Device_ID_ExW
CM_Uninstall_DevNode_Ex
CM_Detect_Resource_Conflict
CM_Run_Detection_Ex
CM_Query_And_Remove_SubTree_ExA
CM_Move_DevNode
CM_Get_Sibling
CM_Get_Device_ID_List_Size_ExA

mprapi

MprAdminInterfaceTransportRemove
MprAdminDeregisterConnectionNotification
MprAdminServerConnect
MprAdminInterfaceGetCredentials
MprAdminPortEnum
MprAdminInterfaceTransportAdd
MprAdminConnectionClearStats
MprPortSetUsage
MprAdminMIBEntryGetFirst
MprAdminInterfaceGetCredentialsEx
MprAdminInterfaceDeviceGetInfo
MprAdminUserWriteProfFlags
MprAdminInterfaceConnect
MprAdminUserOpen
MprAdminConnectionGetInfo
MprConfigInterfaceEnum
MprAdminUpgradeUsers
MprConfigTransportGetHandle
MprAdminEstablishDomainRasServer
MprConfigTransportCreate
MprInfoBlockRemove
MprAdminInterfaceSetCredentials
MprAdminInterfaceDelete
MprInfoRemoveAll
MprConfigInterfaceCreate
MprConfigServerDisconnect
MprConfigInterfaceSetInfo
MprAdminInterfaceUpdatePhonebookInfo
MprAdminDeviceEnum
MprAdminUserGetInfo

dbghelp

sym
SymGetLinePrev
WinDbgExtensionDllInit
SymGetSymFromName
SymGetLinePrev64
SymEnumerateSymbolsW
FindFileInSearchPath
SymGetModuleBase64
SymGetModuleInfo64
FindExecutableImage

kernel32

SetHandleInformation
GetCurrentThread
VDMOperationStarted
LoadLibraryW
GetLocaleInfoW
SetUnhandledExceptionFilter
ReadConsoleA
RegisterConsoleOS2
RequestWakeupLatency
GetProcessPriorityBoost
FreeEnvironmentStringsA
GetVolumeInformationW
GetModuleHandleW
FindFirstVolumeMountPointW
CreateDirectoryExA
SetUserGeoID

msvcirt

?bitalloc@ios@@SAJXZ
?doallocate@strstreambuf@@MAEHXZ
?get@istream@@QAEAAV1@AAC@Z
?overflow@filebuf@@UAEHH@Z
??0Iostream_init@@QAE@XZ
??_8strstream@@7Bistream@@@
?rdbuf@stdiostream@@QBEPAVstdiobuf@@XZ
??1istream_withassign@@UAE@XZ
?put@ostream@@QAEAAV1@E@Z
??_7istream@@6B@
??_8ifstream@@7B@

Sections

.text
Size: 370KB - Virtual size: 370KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 181KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8cdddec362d8080c620c10462b208c6e

Headers

DLL Characteristics

File Characteristics

Imports

kerberos

cfgmgr32

mprapi

dbghelp

kernel32

msvcirt

Sections

.text Size: 370KB - Virtual size: 370KB

.rdata Size: 161KB - Virtual size: 160KB

.data Size: 181KB - Virtual size: 1.5MB

.rsrc Size: 104KB - Virtual size: 104KB

.reloc Size: 1024B - Virtual size: 836B

.text
Size: 370KB - Virtual size: 370KB

.rdata
Size: 161KB - Virtual size: 160KB

.data
Size: 181KB - Virtual size: 1.5MB

.rsrc
Size: 104KB - Virtual size: 104KB

.reloc
Size: 1024B - Virtual size: 836B